Take server security seriously
– and stop hackers in their tracks

Server room security

When people think of server security, they usually think of providing protection from dangerous hackers who launch attacks via the Internet. But even with the current Cloud revolution, servers are still stored in computer centers and server rooms. The hardware in these rooms must regularly be maintained and checked for wear and tear. This hardware is also exposed to a range of physical risks, including everything from fluctuations in voltage to earthquakes. And because of the central role played by servers, the problems that occur in the server room can quickly have an impact on the entire company.

Secure the surroundings

If possible, the servers should be set up in a separate building where you have total control over the room and its surroundings. However, such a setup only makes sense if your company has grown beyond a certain size. If the building is used for other purposes, then an individual fire detection system (at the very least) should be installed to help prevent fires in neighboring departments from reaching the server room.

The following security aspects should be taken into consideration for the area surrounding the server room:

How might the servers be put at risk by bordering rooms or adjacent floors? (For example, by a burst water pipe or increased visitor traffic which criminals could use to their advantage.)

All cables should be firmly in place inside the cable room, ideally under a raised floor. Another security measure involves the use of sockets with voltage regulators. In addition, all flammable objects should be kept a good distance from the server room. It is not recommended that the server room be used as an informal place of storage.

If possible, the server room should be equipped with its own electrical circuit to spare it from external power outages. Short circuits in neighboring departments should not have an impact on your servers. We recommend using an emergency generator to safeguard against large-scale power outages, especially if your servers are used for supplying services to other locations.

Natural hazards

Server hardware can also be affected by the temperature and humidity of the air in the room. Server rooms should therefore be equipped with air conditioners, heaters, and ventilation systems. If the room has windows, then it should be protected from any eventual rain or condensation. The presence of nearby water pipes (and their potentially dangerous effects) should also be taken into account. The room can be controlled by temperature and humidity sensors. These sensors should deliver their data to a centralized monitoring system so an alarm can be triggered in the event that the respective threshold values are exceeded.

The same goes for smoke detectors and fire detection systems. Automated fire extinguishing devices can save you having to purchase expensive new hardware down the line. The server room should also be equipped with hand-held fire extinguishers.

Since most servers and their components run non-stop and for years on end, even the most minimal risks become a real danger. You must therefore prepare for these risks as well. Depending on the geographical location, servers must be protected against earthquakes and other natural phenomena. One idea is to set up a second computer center in another location to provide for extra protection in the event of a total system failure.

Limiting access

Customer and company data saved on servers – and in corresponding storage systems – requires special protection. As a consequence, you will have to control who is able to access this data via the network. Access to the server room itself should also be dictated by a transparent set of rules. By controlling and keeping a record of access to the server room, tampering by unauthorized persons can be prevented or (at the very least) easily retraced.

It may seem trivial, but to prevent unauthorized persons from gaining access to the server room, you must come up with ways that make it as difficult as possible for such people to achieve their goal. One such strategy involves removing all signs pointing to the server room. After all, those who have access know where it is.

In addition, avoid setting up the server room next to a department with guest workstations. There should be no easy way for non-company employees to access the server room without the proper authorization. The server room itself should always be locked.

All access points to the server room (from the inside or outside) should be secured in such a way that even the most sophisticated break-in methods fail. After all, break-ins can also occur during the night, on weekends, and on holidays. It is not only important to secure doors and windows, but also portholes, ventilation shafts, and light wells. Additionally, you should think about where small rodents might be able to get in. Such openings include locks, grates, and security doors and windows.

It might also be a good idea to install a video surveillance system to monitor the entrance area and potential entry points in the surrounding area, all the while taking data protection regulations into account.

Access rights: knowing when and how to grant them

Security loopholes can arise when rights are granted in an inconsistent or random fashion. The company must clearly define who needs access to the server room, and who shall receive a chip card or key. All such access rights should be recorded in writing.

Furthermore, the company must ensure keys are returned when there is no longer any reason for people to have them. It must also have a clear-cut policy on what to do if a key or chip card goes missing, on the measures which are to be taken - and where a spare key is to be kept in the case of an emergency.

As is often the case for security-critical questions, the following principle applies: as little access as possible, and only as much as necessary. All access to and contact with IT systems should be documented and checked on a regular basis.

Server room monitoring

Ideally, sensors and alerts will be configured for each of these cases as part of your centralized monitoring environment, such that an alarm is sent to the manager in the event of fluctuations in temperature or humidity, smoke, fires, hardware error messages, and unauthorized access or entry.

Precautions to prevent attacks

Once you have found a suitable location for your servers, it is then a matter of setting them up in a secure fashion. In particular, you will want to make sure you have a constant overview of your servers, and take precautionary measures by closing security loopholes and gateways. An attacker should be given as few attack options as possible.

Minimal systems

The simpler the system, the less prone it is to errors and the fewer software errors and loopholes you will have to fix. Servers, too, should be configured in as simple and transparent a way as possible. Their hardware, services, and operating system should be geared towards performing concrete tasks. The more complex the system, the harder it is to maintain an overview – and the more likely loopholes will go overlooked.

You should therefore only use those hardware components that are absolutely necessary for the functioning of your business. The operating system must be configured properly, services clearly related to the business and its purpose, and interfaces to the Internet kept to a minimum. If hardware components, services, or interfaces are no longer needed, then they should be uninstalled or closed.

Rights management

As employees (and their devices and accounts) can attract the attention of hackers, they should only have access to the services and data they are authorized to use, and only obtain the rights they need to complete their tasks.

Various rights are therefore assigned to different user accounts, and define the areas which users can access and the operations (read, write, and execute) they can perform. Regular users, for example, should not receive administrator rights. Rights management makes servers more secure. On the one hand, inexperienced users are unable to accidentally cause damage, while on the other, hackers cannot infiltrate key areas by hacking user accounts.

In general, the configuration of rights takes place via a central user management system that is accessible by the server. A central management system is less prone to error, but must also be properly secured. Data transmission between the client and server must be encrypted, otherwise attackers will be able to read passwords. Examples include the directory services LDAP (Lightweight Directory Access Protocol) and Microsoft Active Directory. Think of using Secure LDAP or LDAPS instead of the unencrypted version of LDAP.

Employee training

If all rights have been assigned properly, then you’ve already gone a long way in protecting client machines from potential attacks. It’s not possible to eliminate attacks completely, for employees need interfaces for their business processes (which include everything from simple searches to email traffic and access to the business account). Employees should therefore be taught how to go about handling devices, accounts, and user rights. They should also learn how to spot an attack, as well as help prevent them.

One hacker method for targeting employees is called “social engineering.” Social engineering occurs when people are influenced to behave in a certain way, such as disclose their passwords and other confidential information or click on a link that allows for malware to be installed on their machine.

Such a scam may involve a call from a “service technician” who urgently needs to access your data. Another version involves the use of phishing emails which urge employees to surf to a certain page, thereby allowing a hacker to obtain their login information or infect their computers. Phishing is usually performed on a large scale: if thousands of emails are sent, then at least one recipient is bound to click on the link and thus hand over access to the company network. “Spear phishing” is a special type of phishing that uses legitimate-looking emails to target specific groups.

Employees play key roles in improving the security of your servers and network. They should be made familiar with topics such as phishing, secure passwords, and responsible behavior at the workplace. Sometimes leaving a guest alone in front of a computer is all it takes to put the company at risk.

Software updates

Software – from firmware to the business tool – can also put the company at risk. Programming errors can be behind security loopholes as well as other flaws. Exploits take advantage of these weak spots to first gain access to the network and servers and then obtain secret company information or embed malware.

At the same time, professionals gather exploits into “exploit kits,” provide them with an easy-to-use interface, and sell them to interested hackers. In this way, a large range of potential weak spots can be “run through” with little to no effort at all.

If weak spots are uncovered, they should be eliminated by way of countermeasures or security updates that are automatically distributed to all the workstations in the company. By doing so, you’ll at least be sure to close all the known gateways. But the risk still remains that the hacker is one step ahead of the manufacturer and the IT security department.

Memory protection devices and memory randomization

Even if a program is run without errors, a hacker can still break in. Inadequate memory management can therefore pose a security risk. In such a case, the reserved memory is too small for the volume of data. The resulting buffer overflows can cause data to be written in memory regions, which can subsequently damage programs and other data. Hackers take advantage of this situation to selectively crash programs or embed program code.

To prevent programs from being run in unauthorized memory regions, think of installing a memory protection device (Executable Space Protection, or "ESP”). While some operating systems can do this without hardware support, certain processors come with hardware that supports ESP.

But even ESP has loopholes. If attackers understand the program structure, they can use a buffer overflow to crash the program (e.g. by overwriting the data in the buffer). Memory randomization (Address Space Layout Randomization, ASLR) can help prevent such attacks. As its name suggests, ASLR arranges address spaces randomly.

The securing of remote connections

More and more companies rely on remote administration – via the local network or Internet – to manage their servers. Remote administration is helpful for quickly identifying problems and determining if threshold values have been exceeded. Faster information lets you take faster action and limit potentially negative consequences. As a result, systems distributed throughout the entire world can be monitored and managed from one central location.

Remote management interfaces can also query the status of hardware if the system is shut down, and thus do not rely on operating systems. With a remote management interface, the system can be restarted from afar (and shut down again). The only requirement is a connection to the power supply. The Intelligent Platform Management Interface (IPMI) works with the hardware of any manufacturer. It can query the statuses of power supplies, processors, fans, and hard drives. There are also manufacturer-specific interfaces.

Regardless of the interface, it’s important that the connection be secure and encrypted to prevent data from being queried by unauthorized persons and ensure unknown third parties do not gain control of the system. A hacker with access to this connection can shut down your hardware completely.